pp-allrecipes

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the allrecipes-pp-cli tool and the printing-press installer from the vendor's official repositories on GitHub and the NPM registry.
  • [COMMAND_EXECUTION]: Executes the allrecipes-pp-cli binary to perform recipe searches, manage local SQLite storage, and process data for pantry matching.
  • [DATA_EXFILTRATION]: Features a --deliver webhook:<url> flag that allows command results to be transmitted to an external HTTP endpoint via POST requests. It also includes a feedback mechanism that can be configured to send data to a remote server.
  • [CREDENTIALS_UNSAFE]: Includes an auth login command that interacts with the local browser environment to capture Cloudflare clearance cookies required for bot detection bypass.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 05:30 PM
Security Audit — agent-trust-hub — pp-allrecipes